From 6c2aa9f954b3b4feab41aaadce78fb020c3c38a4 Mon Sep 17 00:00:00 2001 From: Erez Freiberger Date: Tue, 13 Jun 2017 19:08:40 +0300 Subject: [PATCH] add openshift_container_images to openshift provider also process ems_ref for openshift_container_images --- .../providers/openshift/container_manager.rb | 2 ++ .../openshift/container_manager/refresh_parser.rb | 3 +++ app/models/openshift_container_image.rb | 13 +++++++++++++ .../openshift/container_manager/refresher_spec.rb | 4 ++++ 4 files changed, 22 insertions(+) create mode 100644 app/models/openshift_container_image.rb diff --git a/app/models/manageiq/providers/openshift/container_manager.rb b/app/models/manageiq/providers/openshift/container_manager.rb index b0681dc7..08b31e6b 100644 --- a/app/models/manageiq/providers/openshift/container_manager.rb +++ b/app/models/manageiq/providers/openshift/container_manager.rb @@ -8,6 +8,8 @@ class ManageIQ::Providers::Openshift::ContainerManager < ManageIQ::Providers::Co require_nested :RefreshWorker require_nested :Refresher + has_many :openshift_container_images, :foreign_key => :ems_id, :dependent => :destroy + def self.ems_type @ems_type ||= "openshift".freeze end diff --git a/app/models/manageiq/providers/openshift/container_manager/refresh_parser.rb b/app/models/manageiq/providers/openshift/container_manager/refresh_parser.rb index 9d223f72..ac555838 100644 --- a/app/models/manageiq/providers/openshift/container_manager/refresh_parser.rb +++ b/app/models/manageiq/providers/openshift/container_manager/refresh_parser.rb @@ -175,6 +175,9 @@ def parse_openshift_image(openshift_image) ref = "#{ContainerImage::DOCKER_PULLABLE_PREFIX}#{id}" new_result = parse_container_image(id, ref) + new_result[:ems_ref] = openshift_image.metadata.uid + new_result[:type] = 'OpenshiftContainerImage' + if openshift_image[:dockerImageManifest].present? begin json = JSON.parse(openshift_image[:dockerImageManifest]) diff --git a/app/models/openshift_container_image.rb b/app/models/openshift_container_image.rb new file mode 100644 index 00000000..559e65ac --- /dev/null +++ b/app/models/openshift_container_image.rb @@ -0,0 +1,13 @@ +class OpenshiftContainerImage < ContainerImage + acts_as_miq_taggable + include NewWithTypeStiMixin + + def annotate_deny_execution(causing_policy) + ext_management_system.annotate( + "image", + digest, + "security.manageiq.org/failed-policy" => causing_policy, + "images.openshift.io/deny-execution" => "true" + ) + end +end diff --git a/spec/models/manageiq/providers/openshift/container_manager/refresher_spec.rb b/spec/models/manageiq/providers/openshift/container_manager/refresher_spec.rb index 512dcc67..c37663be 100644 --- a/spec/models/manageiq/providers/openshift/container_manager/refresher_spec.rb +++ b/spec/models/manageiq/providers/openshift/container_manager/refresher_spec.rb @@ -1,6 +1,8 @@ describe ManageIQ::Providers::Openshift::ContainerManager::Refresher do let(:all_images_count) { 40 } # including /oapi/v1/images data let(:pod_images_count) { 12 } # only images mentioned by pods + let(:images_managed_by_openshift_count) { 32 } # only images from /oapi/v1/images + let(:images_NOT_managed_by_openshift_count) { 8 } # images only from pod and not /oapi/v1/images before(:each) do allow(MiqServer).to receive(:my_zone).and_return("default") @@ -141,6 +143,8 @@ def assert_table_counts expect(ContainerTemplate.count).to eq(26) expect(ContainerImage.count).to eq(all_images_count) expect(ContainerImage.joins(:containers).distinct.count).to eq(pod_images_count) + expect(OpenshiftContainerImage.count).to eq(images_managed_by_openshift_count) + expect(BasicContainerImage.count).to eq(images_NOT_managed_by_openshift_count) end def assert_ems